[Web] Return 401 status code when API authentication fails

master
ntimo 2019-10-02 13:05:12 +02:00
parent 9f66b83a34
commit 8b5be0b56d
No known key found for this signature in database
GPG Key ID: 3AF3627FB0440D55
1 changed files with 2 additions and 0 deletions

View File

@ -60,6 +60,7 @@ if (!empty($_SERVER['HTTP_X_API_KEY'])) {
else {
$redis->publish("F2B_CHANNEL", "mailcow UI: Invalid password for API_USER by " . $_SERVER['REMOTE_ADDR']);
error_log("mailcow UI: Invalid password for " . $user . " by " . $_SERVER['REMOTE_ADDR']);
http_response_code(401);
echo json_encode(array(
'type' => 'error',
'msg' => 'api access denied for ip ' . $_SERVER['REMOTE_ADDR']
@ -71,6 +72,7 @@ if (!empty($_SERVER['HTTP_X_API_KEY'])) {
else {
$redis->publish("F2B_CHANNEL", "mailcow UI: Invalid password for API_USER by " . $_SERVER['REMOTE_ADDR']);
error_log("mailcow UI: Invalid password for " . $user . " by " . $_SERVER['REMOTE_ADDR']);
http_response_code(401);
echo json_encode(array(
'type' => 'error',
'msg' => 'authentication failed'